Guide to OpenVas on Ubuntu 9.04

26. Jun, 2009 Categories: Tools by admin 0 Comments

This guide is the second in a 3 part series. Part 1 covers the Installation of Nessus 4 on the Jaunty Jackalope – Ubuntu 9.04. Part 2 is the installation of OpenVas 2 on Ubuntu 9.04 and Part 3 will be a show down between the two vulnerability scanners. A full review with comparison scan results from a number of sample systems. Nessus is a commercial product from Tenable while OpenVas is an open source product that branched from the original Nessus open source project releasing version 1.0 in August 2008.

This guide will cover the installation of the following OpenVas components on Ubuntu 9.04 (Jaunty Jackalope). While specific to 64bit, other versions of Ubuntu should have no trouble with the following steps.

apt-get install build-essential libgtk2.0-dev libglib2.0-dev libssl-dev htmldoc libgnutls-dev libpcap0.8-dev bison libgpgme11-dev libsmbclient-dev snmp pnscan

wget http://wald.intevation.org/frs/download.php/595/openvas-client-2.0.4.tar.gz
wget http://wald.intevation.org/frs/download.php/561/openvas-libnasl-2.0.1.tar.gz
wget http://wald.intevation.org/frs/download.php/600/openvas-libraries-2.0.3.tar.gz
wget http://wald.intevation.org/frs/download.php/607/openvas-manager-0.6.1.tar.gz
wget http://wald.intevation.org/frs/download.php/588/openvas-plugins-1.0.7.tar.gz
wget http://wald.intevation.org/frs/download.php/593/openvas-server-2.0.2.tar.gz

As stated in the docs, the components you have downloaded should now be installed in the following order:

1. openvas-libraries
2. openvas-libnasl
3. openvas-server
4. openvas-plugins

tar zxvf openvas-libraries-2.0.3.tar.gz
cd openvas-libraries-2.0.3
./configure
make
make install

openvas-libraries has been sucessfully installed.
Make sure that /usr/local/bin is in your PATH before you
continue
Be sure to add /usr/local/lib in /etc/ld.so.conf and type ‘ldconfig’

Ubuntu is already good to go with these so move onto the libnasl

tar zxvf openvas-libnasl-2.0.1.tar.gz
cd openvas-libnasl-2.0.1
./configure
make
make install

tar zxvf openvas-server-2.0.2.tar.gz
cd openvas-server-2.0.2
./configure
make
make install

tar zxvf openvas-plugins-1.0.7.tar.gz
cd openvas-plugins-1.0.7
./configure
make
make install

tar zxvf openvas-client-2.0.4.tar.gz
cd openvas-client-2.0.4
./configure
make
make install

Type:

ldconfig

Create an SSL certificate for the openvas server:

openvas-mkcert

Create a user account on the openvas server:

openvas-adduser

Update your plugins:

openvas-nvt-sync

Start the server:

openvasd -D

Running from a server (no gui) works well and thats how we do it here at (HT). To run a scan you need to create a text file with your target IP’s or ranges.

echo “192.168.1.100″ >> iptoscan.txt

OpenVAS-Client –help
Usage:
OpenVAS-Client [OPTION...] – client for the OpenVAS security scanner

Help Options:
-?, –help Show help options
–help-all Show all help options
–help-gtk Show GTK+ Options

Application Options:
-v, –version Display version information
-n, –no-pixmap No pixmaps
-q, –batch-mode= Batch-mode scan
-c, –config-file=<.rcfile> Configuration file
-T, –output-type=[nbe|html|text|xml|tex] Output format
-V, –verbose Display status messages in batch mode
-p, –list-plugins Obtain list of plugins installed on the server
-P, –list-prefs Obtain list of server and plugin preferences
-i, –in-report= Input file (report conversion)
-o, –out-report= Output file (report conversion)
-x, –dont-check-ssl-cert Override SSL “paranoia” question preventing OpenVAS-Client from checking certificates
-S, –sqlize-output Issue SQL output for -p and -P (experimental)
-s, –list-sessions= List sessions
-R, –restore-session= Restore session
–display=DISPLAY X display to use

OpenVAS-Client -q 127.0.0.1 1241 admin password iptoscan.txt scanresults.html -T html

Well the server is not listening here so a quick check to find the port its on:

netstat -nap | grep openvas

tcp 0 0 0.0.0.0:9390 0.0.0.0:* LISTEN 11265/openvasd: wai

Listening on 9390 so change the client line to the correct port!

OpenVAS-Client -q 127.0.0.1 9390 admin password iptoscan.txt scanresults.html -T html

Accept the certificate when prompted.

Once the scan is completed take a look at scanresults.html for your complete report.

There are many benefits to running the OpenVas Client from a command line, you can easily schedule tasks and script using simple bash much of your vulnerability assessment requirements. Run a scan against your servers each week or each month and quickly pickup any new services and vulnerabilities.

If you wish to use the GUI client, check your gnome menu’s you should have a new program. Not too difficult from there to work out the client. :)

Comments are closed.